.Bank Domain: What you Need to Know

Background

In 2008, the Internet Corporation for Assigned Names and Numbers (ICANN), which manages the registration of internet domain names, approved a program to open up the Internet to thousands of additional top level domains in addition to existing generic domains such as .com, .gov, .edu, .net, and .org, to name a few. 

Due to cybersecurity concerns and the overcrowded internet arena, the American Banking Association joined forces with Financial Services Roundtable and other industry members in 2011 to form fTLD Registry Services, LLC ("FRS") and apply for the authority to operate and govern the .bank and .insurance domain names.

On September 25, 2014, ICANN granted the application of FRS to operate .bank along with .insurance. The .bank domain name will only be available for registration to verified members of the banking community. This process will include charter verification through each applicant's state or national regulatory agency on a first come, first serve basis.

The .bank domain combined with verification and other security requirements put in place by FRS will provide a new marketing and branding tool for financial institutions with enhanced security controls that current, generic domain names cannot provide.

Increased Security

The primary benefit of having a .bank domain name is the added security measures that are not included in other generic top level domains (gTLDs) such as .com or .net. With the new domain name several increased security measures have been implemented:

• The use of the .bank domain by verified banks and other financial institutions should reduce spoofing and other malicious email or internet-based scams that prey on bank customers. Because each bank applying for the domain will be verified and authenticated as a bank or financial institution, bank customers will be able to quickly distinguish authentic emails from their financial institution from potentially malicious attempts to obtain personal identifying information ("PII") or banking information.
• Unlike existing gTLDs, the .bank domain will include an increased level of encryption (NIST Level 3 Encryption), which should decrease the risk of criminals redirecting customers to nonbanking websites, or stealing their PII or banking information.
• Lately, the .bank domain will have increased abuse monitoring and compliance enforcement to help ensure that only verified financial institutions will be able to use the domain. An individual from each financial institution must be established as the point of contact to help verify their business status as a member of the banking community and to ensure compliance with the new domain requirements.

Registrants who apply for the .bank domain will also be asked to agree to terms and conditions under the Acceptable Use Policy (AUP) and will be responsible for the usage of its domain at all times.

.Bank Availability & Timeline

The .bank domain is estimated to be available to the general public on June 24, 2015. Domains will be assigned on a first come, first serve basis. The multiplicity of banks across the country that share identical or similar names is likely to create a race to register once this open registration period begins. In addition to this general availability date there are two potential dates during which certain parties may complete early registration.

Financial institutions that own a federally registered trademark on their name can take advantage of a 30-day "Sunrise Period" beginning on approximately May 18, 2015. During this Sunrise Period, a bank may record their trademarks via ICANN's Trademark Clearinghouse and register for their respective .bank domain name early. The cost of registration is $150 per trademark, per year for most financial institutions and will allow them to obtain .bank domain names only if such names are identical to the trademark owned.

Should a financial institution wish to register a name that deviates from their registered trademark, it must wait until the later general availability period. Immediately after the Sunrise Period, there will also be a brief period during which the founding members of FRS will have early access to register domains (approximately June 17th - June 23rd). All other verified members of the global banking community may register domains beginning on approximately June 24, 2015.

Financial institutions desiring to register domains will do so through various registrars that have been approved by and contract with FRS. The growing list on approved registrars is currently available of the FRS website at https://www.ftld.com/approved-registrars. These registrars, however, cannot process requests for domain names until the opening of the registration periods set forth above.

The cost of a .bank domain registration will vary based on the registrar providing the service. Each registrar determines its own pricing and is responsible for paying a set fee to FRS. It is anticipated that the .bank domain registration fees will be higher than gTLD domain names to fund the enhanced security measures associated with the .bank domain.

Timeline Summary:

• Sunrise Period ( registered trademark owners): Estimated May 18 - June 16
• Founders (founding members of FRS): Estimated June 17 - June 23
• General Availability (eligible members of banking community): Estimated June 24 - Ongoing

Recommendations

Over the next few months, we recommend that financial institutions desiring to register a .bank domain develop a strategy for registration that best suits its eligibility and needs. For example, financial institutions should review their federal trademark portfolios to determine eligibility to register a domain early during the Sunrise Period.

Note that early registration requires the domain to match the trademark exactly (e.g. a trademark for "ABC BANK" can only be registered as ABCBANK.bank during the Sunrise Period). Due to the proximity of the general availability date, it is unlikely that a new trademark registration can be completed in such a short time.

Financial institutions that have common names should establish several potential options for domain name registration in case the first, second or third option is already taken.

Additionally, community banks that are specific to a geographic region or have a specific customer profile may wish to register a domain geared towards that customer or geographic region. Such a strategy can provide additional visibility for the financial institution in addition to a traditional domain associated with the institution's name.

Finally, financial institutions that have not registered names or marks for federal trademark protection should consider doing so. The trademark registration process is relatively simple two-step process.

First, a search of the trademark database is conducted for similar marks to ensure the likelihood that an application will be approved by the U.S. Patent and Trademark Office. Provided no registrations exist that may create a likelihood of confusion with applicant's mark, a short application describing the mark, owner, and a description of services covered is submitted to the U.S. Patent and Trademark Office.

Once submitted, an application will be assigned to an examining attorney within three months and a review of the application should be completed with 6-12 months of initial submission of the application.